Archive for the ‘Dynamics 365’ category

VAT key steps – Synergy Software Systems, Dubai.

January 8th, 2018

- Maintain regular accounting books and records

Account maintenance is now mandatory under UAE VAT Law and it facilitates the correct receipt and payment of cash and other transactions entered by a company. Audited accounts will be needed so don’t wait till year end to find an auditor that suits your business.

2- Make changes to the core processes and accounting departments

It is important to change your core processes and adapt your accounting departments to achieve tax compliance. For SMEs, with limited transactions, the task is easier as the transition is less likely to require significant systematic change or they might use an external bookkeeper or tax agent.

3- Train staff, especially financial management

Employees need proper insight around GCC-wide initiatives to implement VAT across the region and how companies should prepare. Help them de-mystify VAT by providing on the job training and a framework to raise and clarify queries. Avoid disputes with trading partners and ensure staff have the relevant information and training to resolve issues that arise.

4- Review your contracts and the contracts and conditions agreed with dealers

Many businesses negotiated contracts at a time VAT was not payable but running across the implementation dates. It is time to now bring contracts into step with the UAE’s economic context.

- Consider accounting software for bookkeeping

Electronic reporting systems are increasingly being used by tax authorities. The ability to produce the required audit file details on demand will be difficult without a system. Companies that use electronic invoicing are likely to improve the timing of VAT recovery on costs.

6- Adhere to VAT deadlines

Register your company to avoid a fine as severe as AED 20,000. The Federal Tax Authority (FTA) has already been extend the deadline to the 1st January and if you don’t complete VAT registrations you will also have to stop sales till you get your tax registration certificate (TRC).

Note initial returns are due 28 January 2018 so time is running out.

7- Study UAE tax legislation

The implementation of taxes in the UAE came with a whole new set of procedures. we recommend to study and get familiar with the different laws in place including the UAE VAT Law and to discuss with your auditor, tax agent and software provider.

8- Keep an eye out for new information

There have been a slew of clarifications in the last month and some details are still not finalised e.g. with regard to free zones, or which companies will report monthly and which quarterly.

SQL version – when should you upgrade – ask your Dynamics U.A.E. Partner, Synergy Software Systems

December 23rd, 2017

SQL Server for many years on a two-year release cycle. SQL Server 2017 arrived less than 18 months after SQL Server 2016 became available.

Since 2005 each release of SQL Server brings exciting new features and improvements to existing capabilities. Many organizations are running instances that are several versions of SQL Server behind.

To keep up with the latest SQL Server versions is a challenge, but risks losing mainstream support and missing out on beneficial features. Often database administrators must support multiple versions at once, and consultants face an even greater range of versions across their customers.

Microsoft has not committed to any specific release cadence for ersions of SQL Server. Many clients it seems are still running SQL Server 2008 R2. One reason why companies are hesitant to make the move off 2008 R2 is because of the change to per core licensing. The effort to test and to upgrade is discouraging, but it is best to do this on a planned basis than a reaction to a crisis..

It was a painful experience to upgrade from SQL Server 2000, but the compatibility gap between versions is much narrower once past 2005. To make upgrading easier, provides a tool called The Upgrade Advisor for each new version that will spot issues and provide a chance to resolve them before starting the upgrade process. Virtualization also makes setting up testing environments much simpler and quicker.

With each new version there are enhancements to T-SQL, improved availability and disaster recovery functionality, more security options, and additional ways to get better performance. 2016 service pack 1, was a game change – many previously Enterprise only features were ported down to more affordable editions.

Another consideration is support. It doesn’t take long to reach the end of mainstream support. SQL Server 2008 R2, for example, has been out of mainstream support since 2014. While it’s still in extended support, which will ensure security hotfixes, other support features are available only on a paid basis.

When you look at erp upgrades it makes sense to also review your SQL upgrade plans.

U.A.E. VAT rates

December 9th, 2017

The Federal Tax Authority (FTA) has announced the supplies that will be subject to Value Added Tax (VAT) as of January 1, 2018.Selected supplies in sectors such as transportation, real estate and financial services will be completely exempt from VAT, whereas certain government activities will be outside the scope of the tax system (and, therefore, not subject to tax). These include activities that are solely carried out by the government with no competition with the private sector, activities carried out by non-profit organisations.

The UAE Cabinet is expected to issue a decision to identify the government bodies and non-profit organisations that are not subject to VAT.

VAT treatment on select industries:
Education
Private and public school education (excluding higher education) and related goods and services provided by education institution 0%
Higher education provided by institution owned by government or 50% funded by government, and related goods and services 0%
Education provided by private higher educational institutions, and related goods and services 5%
Nursery education and pre-school education 0%
School uniforms 5%
Stationery 5%
Electronic equipment (tablets, laptops, etc.) 5%
Renting of school grounds for events 5%
After school activities for extra fee 5%
After school activities supplied by teachers and not for extra charge 0%
School trips where purpose is educational and within curriculum 0%
School trips for recreation or not within curriculum 5%

Healthcare:

Preventive healthcare services including vaccinations 0%
Healthcare services aimed at treatment of humans including medical services and dental services 0%
Other healthcare services that are not for treatment and are not preventive (e.g. elective, cosmetic, etc) 5%
Medicines and medical equipment as listed in Cabinet Decision 0%
Medicines and medical equipment not listed in Cabinet Decision 5%
Other medical supplies 5%

Oil and Gas:

Crude oil and natural gas 0%
Other oil and gas products including petrol at the pump 5%

Transportation:

Domestic passenger transportation (including flights within UAE) Exempt
International transportation of passengers and goods (including intra-GCC) 0%
Supply of a means of transport (air, sea and land) for the commercial transportation of goods and passengers (over 10 people) 0%
Supply of goods and services relating to these means of transport and to the transportation of goods and passengers 0%

Real Estate:

Sale and rent of commercial buildings (not residential buildings) 5%
First sale/rent of residential building after completion of construction or conversion 0%
First sale of charitable building 0%
Sale/rent of residential buildings subsequent to first supply Exempt
Hotels, motels and serviced accommodation 5%
Bare land Exempt
Land (not bare land) 5%
UAE citizen building own home 5% (recoverable)

Financial Services:

Margin based products (products not having an explicit fee, commission, rebate, discount or similar) Exempt
Products with an explicit fee, commission, rebate, discount or similar 5%
Interest on forms of lending (including loans, credit cards, finance leasing) Exempt
Issue, allotment or transfer of an equity or debt security Exempt

Insurance and Re-insurance:

Insurance and reinsurance (including health, motor, property, etc) 5%
Life insurance and life reinsurance Exempt

Food and Beverages: 5% VAT rate

Telecommunications and electronic services:

Wired and wireless telecommunications and electronic services: 5% VAT rate
Telecommunications and electronic services:
– Sovereign activities which are not in competition with the private sector undertaken by designated government bodies Considered outside VAT system
– Activities that are not sovereign or are in competition with the private sector VAT rate dependent on good/service ignoring provider

Not for Profit Organizations:

Activities of foreign governments, international organisations, diplomatic bodies and missions acting as such (if not in business in the UAE) Considered outside VAT system
Charitable activities undertaken by societies and associations of public welfare which are listed by Cabinet Decision Considered outside VAT system
Activities of other not for profit organizations (not listed in Cabinet Decision) which are not business activities Considered outside VAT system
Business activities undertaken by the above organizations VAT rate dependent on good/service ignoring provider

Free zones:

Supplies of goods between businesses in designated zones Considered outside VAT system
Supplies of services between businesses in designated zones VAT rate dependent on service ignoring location
Supplies of goods and services in non-designated zones VAT rate dependent on good/service ignoring location
Supplies of goods and services from mainland to designated zones or designated zones to mainland VAT rate dependent on good/service ignoring location

Other:

Export of goods and services to outside the GCC implementing states 0%
Activities undertaken by employees in the course of their employment, including salaries Considered outside VAT system
Supplies between members of a single tax group Considered outside VAT system
Any supplies of services or goods not mentioned above (includes any items sold in the UAE or service provided) 5%
Second hand goods (e.g. used cars sold by retailers), antiques and collectors’ items 5% of the profit margin

The UAE and Saudi Arabia are the two GCC member countries which will implement Value Added Tax (VAT) Reform from 1st January 2018 whereas the remaining member countries will implement over the coming years.

According to the UAE tax officials, it is anticipated that the new tax reform will help to generate nearly Dh12 billion (around 0.8 percent of GDP) revenue in the initial year after the introduction of the VAT. It might increase to Dh20 billion (around 1.2 percent of GDP) in the succeeding year (2019).

Inside a Microsoft cloud data centre with Synergy Software Systems

November 22nd, 2017

Get the reach and local presence you need with Microsoft’s global datacenters – https://azure.microsoft.com/en-us/regions/ Azure is generally available in 36 regions around the world, with plans announced for 6 additional regions.

Go beyond the limits of your on-premises datacenter using the scalable, reliable infrastructure that powers the Microsoft Cloud.

Transform your business and reduce maintenance costs with an energy-efficient infrastructure spanning more than 100 highly secure facilities worldwide, linked by one of the largest networks on earth.

The engine that powers Microsoft’s cloud services, the is designed to support smart growth, high reliability, operational excellence, cost-effectiveness, environmental sustainability, and a trustworthy online experience for customers and partners worldwide.

Microsoft deliver the core infrastructure and foundational technologies for Microsoft’s over numerous online businesses including: Dynamics 365, Power Bi, Cortana analytics, IoT, Bing, MSN, Office 365, Xbox Live, Skype, OneDrive and the Windows Azure platform.

The infrastructure is comprised of a large global portfolio of more than 100 datacenters and 1 million servers, content distribution networks, edge computing nodes, and fiber optic networks.

The portfolio is built and managed by a team of subject matter experts working 24x7x365 to support services for more than 1 billion customers and 20 million businesses in over 90 countries worldwide

Those are 2014 figures and the Microsoft cloud has expanded greatly since then for example the acquisition of Linked in and the launch of Dynamics 365.

To help you comply with national, regional, and industry-specific requirements governing the collection and use of individuals’ data, Microsoft offers the most comprehensive set of compliance offerings of any cloud service provider. Microsoft business cloud services operate with a cloud control framework, which aligns controls with multiple regulatory standards (https://www.microsoft.com/en-us/trustcenter/guidance/risk-assessment#Audit-reports)

Argentina PDPA – Microsoft has implemented the security measures in the Argentina Personal Data Protection Act.

BIR 2012 – Agencies operating in the Netherlands government sector must comply with the Baseline Informatiebeveiliging Rijksdienst standard.

Canadian Privacy Laws – Microsoft contractually commits to implementing security that helps protect individuals’ privacy.

CCSL (IRAP) – Microsoft is accredited for the Australian Certified Cloud Services List based on an IRAP assessment.

CDSA – Azure is certified to the Content Delivery and Security Assoc. Content Protection and Security standard.

China DJCP – Azure and Office 365 operated by 21Vianet are rated at Level 3 for information security protection.

China GB 18030 – Azure and Office 365 operated by 21Vianet are certified as compliant with the Chinese character standard.

China TRUCS – Azure and Office 365 operated by 21Vianet obtained Trusted Cloud Service certification.

CJIS – Microsoft government cloud services adhere to the US Criminal Justice Information Services Security Policy.

CS Mark (Gold) – Microsoft received the CS Gold Mark in Japan for Azure (IaaS and PaaS) and Office 365 (SaaS).

CSA STAR Attestation -Azure and Intune were awarded Cloud Security Alliance STAR Attestation based on an independent audit.

CSA STAR Certification – Azure, Intune, and Power BI were awarded Cloud Security Alliance STAR Certification at the Gold level.

CSA STAR Self-Assessment – Microsoft STAR Self-Assessment details how cloud services fulfill Cloud Security Alliance requirements.

DFARS – Microsoft Azure Government supports Defense Federal Acquisition Regulation (DFARS) requirements.

DoD – Microsoft received Department of Defense (DoD) Provisional Authorizations at Impact Levels 5, 4, and 2.

EN 301 549 – Microsoft meets EU accessibility requirements for public procurement of ICT products and services.

ENISA IAF – Azure aligns with the ENISA framework requirements through the CSA CCM version 3.0.1.

EU Model Clauses – Microsoft offers EU Standard Contractual Clauses, guarantees for transfers of personal data.

EU-U.S. Privacy Shield – Microsoft complies with this framework for protecting personal data transferred from the EU to the US.

FACT – Microsoft Azure achieved certification from the Federation Against Copyright Theft in the UK.

FDA CFR Title 21 Part 11 – Microsoft helps customers comply with these US Food and Drug Administration regulations.

FedRAMP – Microsoft was granted US Federal Risk and Authorization Management Program P-ATOs and ATOs.

FERPA – Microsoft aligns with the requirements of the US Family Educational Rights and Privacy Act.

FIPS 140-2 – Microsoft certifies that its cryptographic modules comply with the US Federal Info Processing Standard.

FISC – Microsoft meets the requirements of the Financial Industry Information Systems v8 standard in Japan.

GxP – Microsoft cloud services adhere to Good Clinical, Laboratory, and Manufacturing Practices (GxP).

HIPAA/HITECH – Microsoft offers Health Insurance Portability & Accountability Act Business Associate Agreements (BAAs).

HITRUST – Azure is certified to the Health Information Trust Alliance Common Security Framework.

IRS 1075 – Microsoft has controls that meet the requirements of US Internal Revenue Service Publication 1075.

ISO 9001 – Microsoft is certified for its implementation of these quality management standards.

ISO 20000-1:2011 – Microsoft is certified for its implementation of these service management standards.

ISO 22301 – Microsoft is certified for its implementation of these business continuity management standards.

ISO 27001 – Microsoft is certified for its implementation of these information security management standards.

ISO 27017 – Microsoft cloud services have implemented this Code of Practice for Information Security Controls.

ISO 27018 – Microsoft was the first cloud provider to adhere to this code of practice for cloud privacy.

IT Grundschutz Compliance Workbook – Azure Germany published this Workbook to help our clients achieve IT Grundschutz certification.

ITAR – Azure Government supports customers building US International Traffic in Arms Regs-capable systems.

MARS-E – Microsoft complies with the US Minimum Acceptable Risk Standards for Exchanges (MARS-E).

MeitY – The Ministry of Electronics and Info Technology in India awarded Microsoft a Provisional Accreditation.

MPAA – Azure successfully completed a formal assessment by the Motion Picture Association of America.

MTCS – Microsoft received certification for the Multi-Tier Cloud Security Standard for Singapore.

My Number (Japan) – Microsoft does not have standing access to My Number data, a number unique to each resident of Japan.

NEN 7510:2011 – Organizations in the Netherlands must demonstrate control over patient health data in accordance with the NEN 7510 standard.

NHS IG Toolkit – Azure is certified to the Health Information Trust Alliance Common Security Framework.

NIST 800-171 – Microsoft DoD certifications address and exceed US NIST 800-171 security requirements.

NIST CSF – Microsoft Cloud Services meet the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF)

NZ CC Framework – Microsoft NZ addresses the questions published in the New Zealand cloud computing framework.

PCI DSS – Azure complies with Payment Card Industry Data Security Standards Level 1 version 3.1.

Section 508 – Microsoft cloud services offer Voluntary Product Accessibility Templates.

Shared Assessments – Microsoft demonstrates alignment of Azure with this program through the CSA CCM version 3.0.1.

SOC 1- Microsoft cloud services comply with Service Organization Controls standards for operational security.

SOC 2 – Microsoft cloud services comply with Service Organization Controls standards for operational security.

SOC 3 – Microsoft cloud services comply with Service Organization Controls standards for operational security.

Spain ENS – Microsoft received Spain’s Esquema Nacional de Seguridad (National Security Framework) certification.

UK Cyber Essentials PLUS – Cyber Essentials PLUS is a UK government-defined scheme to help organizations protect against common cyber-security threats.

UK G-Cloud – The Crown Commercial Service renewed the Microsoft cloud services classification to Government Cloud v6.

WCAG 2.0 – Microsoft cloud services comply with the Web Content Accessibility Guidelines 2.0.

Sales in Dynamics 365 (CRM)

October 24th, 2017


Watch this video for an overview of how Microsoft empowers sellers to drive personal engagement with customers.


Watch this video for some highlights of how sellers leverage key capabilities like actionable insights, relationship management, sales productivity, and sales performance.

Dynamics CRM Customer Hub

October 24th, 2017

The Customer Service Hub shows you all your vital customer service information in one place, and makes it easier for reps and managers to prioritize and act on service cases.

Expertly manage your cases, engage with your customers, and create activities directly from the timeline. With full access to a customer record, as well as related cases, entitlements, and knowledge articles, the case form in the Customer Service Hub app in Dynamics 365 for Customer Service helps you quickly find and act on data as you work toward case resolution.

Use the modern and intuitive dashboards in Customer Service Hub in Dynamics 365 for Customer Service, you can filter the information that is most important and requires immediate focus, and take decisive action.
The Tier 1 dashboard helps you find your cases and the things you need to do fast. Use visual filters and tiles to decide what you want to see and work on. The Tier 2 dashboard gives team leads and managers a single place to monitor more complex or escalated cases.

October update Dynamics 365 Project Service Automation (v2.1.0.30) Enhancements

October 24th, 2017

New capabilities enabled for this upgrade release
• Added Billing Type field on expense tax invoice line details.
•Added Role (resource category) column between Task Id and Transaction Category columns for Actual associated view.
•Improved performance by avoiding unnecessary WBS aggregation on update task.
• Localized label and better description for invalid action on MS Project label.

Below are the major bug fixes for this upgrade release
•Time entry created in the week of DST transitions to Standard time shows up on the following day. 
• Importing Estimate lines onto Quote line from Project for a 2nd time results in an error “record is unavailable”.
• Contract performance does not show milestone amount in the Billed amount for FP line.
• “Record Is Unavailable” error is shown after navigating to and deleting the cost side detail record from a quote line detail.
•WBS view UX issue with column heading width and Gantt scrollbar.
• European number formatting not respected on the quick create UI for estimated hours when creating project from template.
•In MS Project, after Find Resources and book a resource, the resource sheet is not refreshed.
• Hitting “This action is not allowed for projects linked to MS Project.” error when trying to book a team member on MSP-link project, with non-contiguous booking slots.
• Error pop-up when deactivating Resource Request.
• Generic resource is not using work hour template from project.

NOTE: This upgrade release can only be installed/upgraded for Dynamics 365 9.0+ org

Universal Resource Scheduling Enhancements
Below are the major bug fixes for this upgrade release
• Schedule board error when time zone set to GMT-3 Brasilia.
• Schedule board shows no resources available until switching from Hours view to Day view.
• Map pins are not refreshed when moving to next page of resources while in RM.
• Requirement map pin loses focus when searching for availability.
• Handle escaping requirement name on Schedule Board.
• Maintain Bookings not opening in the correct view.
• Cancel bookings route also showing in the mini map in schedule board.
• Hide inactive resource characteristics from resource fly out.
• Booking duration and percentage is not changing when cancel the booking after the moved bookings to different day. Cannot sort or filter fields added to requirement view on schedule board from other entities.
• Changing territory filter on board does not take immediate effect on the requirement tabs when Apply Territory Filter is enabled.
• On Schedule board, inconsistency in calculating the available capacity between hourly and daily view.
• Duration value is not updated when the requirement detail is deleted.
• Incorrect duration time on view details tooltip template in RM mode.
• On click of “Load Default filter” not clearing all controls in Filter control.
• Resource driving directions print window, print icon is missing next to print label.
• Add Fulfilled/Remaining Duration fields to the Requirement form.

NOTE: Enhancements and bug fixes for Universal Resource Scheduling apply for Field Service and Project Service Automation as well as other schedulable entities.

VAT registration U.A.E. – act now deadlines are imminent

October 17th, 2017

The UAE Federal Tax Authority (FTA) online portal is open 24/7 to allow for taxpayers to register for VAT purposes. The FTA has also determined the deadlines for the application for VAT registration based on business turnover.
For larger companies VAT registration is required by 31 October 2017, and such businesses should
immediately consider the timeline requirement given their turnover profile and the other registration
requirements.
Businesses that are required to register for VAT will need to set up an online account on the FTA website and complete the VAT registration form.

The FTA has announced that a phased registration approach has been introduced. In particular, those businesses that meet these criteria must comply with the relevant application dates for registration:
● Businesses with an annual turnover exceeding AED 150 million must apply for registration by
31 October 2017
● Businesses with an annual turnover exceeding AED 10 million must apply for registration by 30 November 2017

● Remaining businesses with an annual turnover exceed the mandatory registration threshold
(expected to be AED 375,000) must apply for registration by 4 December 2017
Prior to the fulfilment of the VAT registration form, the FTA provides a “Getting Started Guide” that shares essential information that businesses should be aware of. This includes information on the registration criteria, registration of a VAT group, and necessity to register if only zero-rated supplies are made.

Additional details clarifying the VAT registration mechanism are found in the VAT registration guide, a document posted on FTA online portal under the “Advice” tab. This document captures the
calculation of turnover for VAT purposes, a walk-through of VAT registration through the FTA
registration portal, registration of a VAT group and types of books and records required to be held by a
taxpayer to ensure accurate tax compliance.

We strongly advise for businesses to visit the FTA website to initiate their VAT registration application by
their applicable deadline after having considered the guidance provided by the FTA and other advice
as required (for instance VAT Grouping).
Businesses should allow time to compile the required information for the VAT registration.

Dynamics 365 October update

October 10th, 2017

Several enhancements and new capabilitiestwill be rolled out to customers of the Dynamics 365 Customer Engagement services for: Sales, Customer Service, Field Service, and Project Service Automation.

User productivity

Employees interact with business data across different form factors on-the-go. It is important for them to get a consistent experiences and behavior across all types of devices. With this update, the Dynamics 365 applications get a refresh of the web user interface that will help employees achieve higher levels of productivity. The user experience includes consistent color themes, uniform page structuring and spacing, font standardization, and containers for related data.A new, Unified Interface powers Dynamics 365 for phones and tablets app and Dynamics 365 App for Outlook.

Users will see customer data in easy-to-read ‘containers’ that streamline data entry for improved employee productivity. The new experience reduces the need for scrolling on the form and leverages enhanced use of whitespace. It also allows for text wrapping, and an updated business process experience that they can expand and dock on-demand as needed.

The new timeline control gives a single sequential view of activity, notes, and posts across the time horizon that can be filtered easily to show relevant data. The record navigation experience makes it easy for employees to find and navigate to critical data with minimal clicks.

Microsoft Flow is provided in the context of Dynamics 365 to provide the user direct access to a list of active flows that are user-owned, as well as the ones enabled from their organization, to automate tasks and workflows between apps and services. Users can invoke flows from the site map, grid, and detail forms of records. This capability is now available on all form factors: web, tablets, and phones.

Business application platform improvements
Significant enhancements to the business application platform across the design surface and integration options for Dynamics 365 applications will support an organization’s ability to launch changes quickly at Microsoft cloud scale. This release will bring the following new platform capabilities:

Data integration and management
With Virtual entities, application customizers can easily embed external data in Dynamics 365 without writing any code or replicating data. Customizers can integrate this external data into Dynamics 365 grids, forms, lookups, sub-grids, and find at runtime. You can use this data by creating a data source for your OData endpoint. For more advanced requirements, developers can implement their own data providers to suit their specific needs.

Security and compliance
Activity Logging and Security Information and Event Management (SIEM) systems integration with Dynamics 365 enables auditing and analysis of create, read, update, and delete actions, admin operations, and login events. This release enables scenarios for basic forensic investigation, reporting, access to SIEM systems, monitoring, and compliance.

Existing customers will start receiving these updates later this calendar year.
New customers, and trials for these Dynamics 365 applications ,will receive these updates this month.

.

Dynamics 365 for Finance and Operations, Enterprise edition platform update 11

October 10th, 2017

Dynamics 365 for Finance and Operations, Enterprise edition platform update 11. This version was released in October 2017 and has a build number of 7.0.4679.35176.
For information about bug fixes : see the LCS article KB 4047244 for PU11 https://fix.lcs.dynamics.com/Issue/Resolved/1191076?kb=4047244&bugId=3869536

Some key new features:
Attachment presence and document count indicator

Auditing of user sign in and sign out
Copy legal entity configurations to a new legal entity
Support for display and edit methods in class extensions
Support for field arrays in table extensions

Synergy Software Systems at the Microsoft Manufacturing Masterclass-

September 27th, 2017

A packed house for the Microsoft Manufacturing Masterclass today with stimulating presentations on Digital transformation.

Security security security

September 26th, 2017

You never know when some item that queries or alters data in SQL Server will cause issues.

Bruce Schneier recently commented on FaceID and Bluetooth security, the latter of which has a vulnerability issue. I was amazed to see his piece on infrared camera hacking. A POC on using light to jump air gaps is truly frightening. It seems that truly anywhere that we are processing data, we need to be thinking (see https://arstechnica.com/information-technology/2017/09/attackers-can-use-surveillance-cameras-to-grab-data-from-air-gapped-networks/)

Airborne attacks, unfortunately, provide a number of opportunities for the attacker. First, spreading through the air renders the attack much more contagious, and allows it to spread with minimum effort. Second, it allows the attack to bypass current security measures and remain undetected, as traditional methods do not protect from airborne threats. Airborne attacks can also allow hackers to penetrate secure internal networks which are “air gapped,” meaning they are disconnected from any other network for protection. This can endanger industrial systems, government agencies, and critical infrastructure. With BlueBorne, attackers can gain full control right from the start. Moreover, Bluetooth offers a wider attacker surface than WiFi, almost entirely unexplored by the research community and hence contains far more vulnerabilities

Finally, unlike traditional malware or attacks, the user does not have to click on a link or download a questionable file. No action by the user is necessary to enable the attack.

Fully patched Windows and iOS systems are protected

– the Equifax breach for example must worry everyone who has ever had credit in the USA. (Hackers broke into Equifax’s computer systems in March, which is two months earlier than the company had previously disclosed, according to a Wall Street Journal report.)

The Securities and Exchange Commission said Wednesday that a cyber breach of a filing system it uses may have provided the basis for some illegal trading in 2016. In a statement posted on the SEC’s website, Chairman Jay Clayton said a review of the agency’s cybersecurity risk profile determined that the previously detected “incident” was caused by “a software vulnerability” in its EDGAR filing system (which processes over 1.7 million electronic filings in any given year.) The agency also discovered instances in which its personnel used private, unsecured email accounts to transmit confidential information.

So let me suggest take a good look at your systems and be honest – do you feel safe?

Microsoft has released Microsoft 365, a complete, intelligent solution, including Office 365, Windows 10, and Enterprise Mobility + Security, that empowers everyone to be creative and work together, securely. Watch Satya introduce it.

What about your websites?
Although acts of vandalism such as defacing corporate websites are still commonplace, hackers prefer to gain access to the sensitive data residing on the database server and then to sell the data.

The costs of not giving due attention to your web security are extensive and apart form direct financial burden and inconvenience also risks:
• Loss of customer confidence, trust and reputation with the consequent harm to brand equity
• Negative impact on revenues and profits arising e.g. from falsified transactions, or from
employee downtime
• Website downtime – is in effect the closure of one of the most important sales and marketing channels
especially for an e-business
• Legal battles and related implications from Web application attacks and poor security
measures including fines and damages to be paid to victims.

Web Security Weaknesses
Hackers will attempt to gain access to your database server through any way they can e.g. out of date protocols on a router. Two main targets are :
• Web and database servers.
• Web applications.

Information about such exploits are readily available on the Internet, and many have been reported on this blog previously.

Web Security Scanning
So no surprise that Web security should contain two important components: web and database server security, and web application security.

Addressing web application security is as critical as addressing server security.

Firewalls and similar intrusion detection mechanisms provide little defense against full-scale web
attacks.
Since your website needs to be public, security mechanisms allow public web traffic to
communicate with your web and databases servers (i.e. over port 80).

It is of paramount importance to scan the security of these web assets on the network for possible vulnerabilities. For example, modern database systems (e.g. Microsoft SQL Server, Oracle and MySQL) may be
accessed through specific ports and so anyone can attempt direct connections to the databases to try and bypass the security mechanisms used by the operating system. These ports remain open to allow communication with legitimate traffic and therefore constitute a major vulnerability.

Other weaknesses relate to the database application itself and the use of weak or default passwords by
administrators. Vendors patch their products regularly, and equally regularly find new ways of
attack.

75% of cyber attacks target weaknesses within web applications rather than directly at the
servers. Hackers launch web application attacks on port 80 . Web applications are more open to uncovered vulnerabilities since these are generally custom-built and therefore pass through a lesser degree of
testing than off-the-shelf software.

Some hackers, for example, maliciously inject code within vulnerable web applications to trick users
and redirect them towards phishing sites. This technique is called Cross-Site Scripting (XSS) and may
be used even though the web and database servers contain no vulnerability themselves.

Hence, any web security audit must answer the questions “which elements of our network
infrastructure are open to hack attacks?”,
“which parts of a website are open to hack attacks?”, and “what data can we throw at an application to cause it to perform something it shouldn’t do?”

Ask us about Acunetix and Web Security
Acunetix ensures web site security by automatically checking for SQL Injection, Cross Site Scripting,
and other vulnerabilities. It checks password strength on authentication pages and automatically
audits shopping carts, forms, dynamic content and other web applications. As the scan is being
completed, the software produces detailed reports that pinpoint where vulnerabilities exist

Industry 4.0 : Digitalization of the Manufacturing Sector Masterclass – Meet Synergy Software Systems Manufacturing experts tomorrow H Hotel Dubai

September 26th, 2017

Hear from industry experts, network, meet with us and let us show you Dynamics 365 Finance and Operations Enterprise at this Microsoft Gul sponsored Manufacturing Master Class.

08:00 – 09:00 Registration
09:00 – 09:20 Omar Saleh – Microsoft – Industry Director, Manufacturing MEA
09:20 – 09:50 Gert Thoonen – Business Development Network & Security Services, ME – Rockwell Automation
09:50-10:20 Nicholas Brunet – Middle East Regional Business Leader – 3M
10:20-10:50 Mustafa Farhan – Strategic Transformation Lead, Middle East and Africa, Microsoft
Break
11:00 – 11:30 Suryanka Jatain – Principal – Digital Strategy and Transformation – KPMG
11:30 – 12:00 Assem Khalaili – Executive Vice President, Customer Services – MEA Digital Factory – Process Industries & Drives – Siemens
12:00 – 12:30 Charif Hamidi – Senior Consultant – Strategy – EY

Join us for lunch.
If you have not yet registered then call us now on 00971 43365589 or email Suresh Savari

Microsoft Modern Lifecycle Policy (and Dynamics 365 Finance and Operations)

September 20th, 2017

When you move to Dynamics 365 Finance and Operations, whether on cloud or on premise, ensure your understand the requirements to keep your system updated. The Modern Lifecycle Policy covers products and services that are serviced and supported continuously.

https://support.microsoft.com/en-us/help/30881/modern-lifecycle-policy

The Finance and Operations online service and the Finance and Operations (on-premises) software are covered by the Modern Lifecycle Policy. Licensed customers must stay current with updates to the Finance and Operations online service or the Finance and Operations (on-premises) software in accordance with the following servicing and system requirements:
•Starting with the release of Microsoft Dynamics 365 for Operations version 1611, application versions are supported for three years from the initial date of a major release, as specified in Table 1 later in this topic.

Platform versions are supported for one year . Platform versions maintain backward compatibility. . Critical fixes and non-critical updates are handled in the following way:

Critical fixes – Microsoft may provide a customer with a hotfix for their current platform version of Finance and Operations, or a fix may be provided in the latest platform version of Finance and Operations, at its discretion.

Non-critical updates – Customers must update to the most current Finance and Operations platform version to deploy non-critical updates.

On-premises software update policies

On-premises deployments
The customer is in full control of its on-premises deployments and must follow this policy. The customer is in control of installing updates in its on-premises environments. Microsoft will support the Finance and Operations (on-premises) software through December 31, 2027, at a minimum, but only if the customer keeps the deployed software current according to this policy.

The Finance and Operations (on-premises) software is licensed and supported under the Modern Lifecycle Policy. This policy requires that the customer maintain Software Assurance (SA) or the Enhancement Plan, and that it deploys updates . Customers who want to use the Fixed Support Lifecycle Policy (5+5) must downgrade to Microsoft Dynamics AX 2012 R3.

When a customer lapses on SA or the Enhancement Plan, then it will be eligible only for the perpetual license rights to AX 2012 R3 and must uninstall the Finance and Operations (on-premises) software.

The initial release of the Finance and Operations (on-premises) software will be based on Platform update 8 and the July 2017 update of the application.

For details of what changed with which each update see https://docs.microsoft.com/en-us/dynamics365/unified-operations/dev-itpro/get-started/what’s-new-changed.

Be aware also if deployed on premise of related products like SQL, Windows, Office, Internet Explorer, Visual Studio, Sharepoint etc that may also need to be upgraded.

Note that both Microsoft Dynamics AX 2012 and Microsoft Dynamics AX 2012 R2 support will end in 2018

Here are some products for which support will end in 2018 start planning:
The following list represents some of the products reaching end of support in the next year. For a comprehensive list of Microsoft products and their lifecycle policy timelines, please search the Microsoft Lifecycle Product Database.
Products Under the Modern Policy Moving to End of Support:
The following products, governed by the Modern Policy, have announced end of support for 2018. There will be no new security updates, non-security updates, free or paid assisted support options or online technical content updates.

Products Under the Modern Policy Moving to End of Support
Effective end dates are shown against each>

Microsoft Azure Mobile Engagement March 31, 2018
Parature, from Microsoft
Microsoft Dynamics Marketing May 15, 2018
Adxstudio Portals v7 October 9, 2018

Fixed Policy Products Moving to End of Support:
The following products will be reaching end of support in 2018. There will be no new security updates, non-security updates, free or paid assisted support options or online technical content updates.

Microsoft Dynamics C5 2014
Microsoft Expression Encoder
Microsoft Office Communications Server 2007, all editions
Microsoft Office Communications Server 2007 R2, all editions
Microsoft Office Communicator 2007
Microsoft Office Communicator 2007 R2
Microsoft Office Communicator 2007 R2 Phone Edition
Microsoft Office PerformancePoint Server 2007
Microsoft PlayReady Server Software Development Kit v. 2.0
Microsoft System Center Data Protection Manager 2007
Microsoft System Center Virtual Machine Manager 2007
Windows Embedded Device Manager 2011
Windows Embedded Device Manager Software Development Kit
Windows 10 Mobile Enterprise, released in November 2015**
Windows 10 Mobile, released in November 2015**

January 9, 2018

FAST Unity 2.5 April 1, 2018
Microsoft SQL Server Compact 3.5
Microsoft Visual Studio 2008, all editions
Microsoft Visual Studio Team System 2008, all editions
Microsoft Visual Studio Team System 2008 Team Foundation Server
Microsoft Dynamics CRM 4.0
Microsoft Office Accounting 2008, all editions
Microsoft System Center Capacity Planner 2007
Microsoft Visual Basic 2008 Express Edition
Microsoft Visual C# 2008 Express Edition
Microsoft Visual Web Developer 2008 Express Edition
Windows Embedded CE 6.0

April 10, 2018

FAST Featured Content 1.3
FAST Recommendations 2.2 April 23, 2018
FAST ESP 5.2 May 9, 2018
FAST ImPulse 5.0 July 1, 2018
Microsoft System Center Mobile Device Manager 2008
Microsoft Search Server 2008, all editions
StorSimple 5000/7000 Series
Windows Web Server 2008
July 10, 2018

FAST ESP 5.3 July 16, 2018
FAST Recommendations 2.5 October 8, 2018
Lync for Mac 2011
Lync Meeting room
Microsoft Enterprise Desktop Virtualization
Microsoft Expression Blend 2
Microsoft Expression Design 2
Microsoft Expression Encoder 2
Microsoft Expression Studio 2
Microsoft Expression Web 2

October 9, 2018

FAST AdMomentum 3 November 2, 2018
Microsoft Forefront Threat Management Gateway, Medium Business Edition November 12, 2018
FAST ImPulse 5.1 December 18, 2018

Products Transitioning from Mainstream to Extended Support: The following products will be moving from Mainstream Support into Extended Support over the next year. Extended Support lasts for a minimum of 5 years and includes security updates at no cost, and paid non-security updates and support. Additionally, Microsoft will not accept requests for design changes or new features during the Extended Support phase.

Products Moving from Mainstream to Extended Support

Microsoft Application Virtualization 5.1 for Remote Desktop Services
Microsoft Application Virtualization 5.1 for Windows Desktops
Microsoft Application Virtualization Hosting 5.1 for Windows Desktops
Microsoft Dynamics NAV 2013
Microsoft Dynamics NAV 2013 R2
Microsoft Hyper-V Server 2012
Microsoft Hyper-V Server 2012 R2
Microsoft Visual Studio 2012 Software Development Kit
Microsoft Visual Studio 2012 Tools for Applications Software Development Kit
Service Bus for Windows Server
Windows 8.1, all editions
Workflow Manager 1.0
Workflow Manager Client 1.0
Workflow Manager Tools for Visual Studio 2012

January 9, 2018

Exchange Server 2013, all editions
Microsoft Access 2013
Microsoft Advanced Group Policy Management 4.0
Microsoft Dynamics AX 2009
Microsoft Dynamics GP 2013
Microsoft Excel 2013
Microsoft HPC Pack 2012
Microsoft HPC Pack 2012 R2
Microsoft Lync 2013
Microsoft Lync Phone Edition
Microsoft Lync Server 2013, all editions
Microsoft Office 2013
Microsoft Office Web Apps Server 2013
Microsoft OneNote 2013
Microsoft Outlook 2013
Microsoft PowerPoint 2013
Microsoft Project 2013, all editions
Microsoft Project Server 2013
Microsoft Publisher 2013
Microsoft SharePoint Foundation 2013
Microsoft SharePoint Server 2013
Microsoft Visio 2013
Microsoft Word 2013
Skype for Business 2015

April 10, 2018

Microsoft Lync 2013 Software Development Kit April 20, 2018
BizTalk Server 2013, all editions
BizTalk Server 2013 R2, all editions
Microsoft BitLocker Administration and Monitoring 2.0
Windows Embedded 8 Standard
Windows Embedded 8.1 Industry Enterprise
Windows Embedded 8.1 Industry Pro

July 10, 2018

Microsoft Audit and Control Management Server 2013
Microsoft Dynamics AX 2012
Microsoft Dynamics AX 2012 R2

Microsoft SQL Server 2012 Parallel Data Warehouse
Windows Embedded Compact 2013
Windows Multipoint Server 2012, all editions
Windows Server 2012, all editions
Windows Server 2012 R2, all editions
Windows Server Update Services for Windows Server 2012
Windows Storage Server 2012, all editions
Windows Storage Server 2012 R2, all editions

October 9, 2018
** = Windows 10 follows the Windows as a Service (WaaS) lifecycle.

Management reporter 2012 CU16 recent hotfixes

September 10th, 2017

Hotfix 3813390 can be downloaded here:

https://mbs.microsoft.com/Files/customer/MgmtReporter/Downloads/Servicepacks/ManagementReporter2012-CU16-Hotfix-3813390-en-us-update.exe

This hotfix addresses the issue where user security may be removed during Company to Company mapping when there is a SQLException.
If a SQLException occurs during the AX 2012 Companies to Company integration task, such as SQL server being offline, then users may be removed from the security groups in Management Reporter Security and from reporting tree definitions.
Once the cause of the SQL exception is corrected, the data mart integration task will complete, and users will once again be synchronized from Dynamics AX and added to Management Reporter Security, except they will have new user IDs.
The users with new IDs are then not added to the groups/trees that they were in previously.
This issue is logged as bug 3813390. Hotfix 3813390 prevents this issue from occurring.


Hotfix 3815274 is an optional hotfix that can be applied to CU16.
It can be loaded to revert a CU16 change with reporting tree rollups.
The hotfix will allow children nodes to be rolled up to a parent that contains a Dimension filter.
Before making any changes, be sure to have a backup of the MRServiceHost.settings.config file.
You can then do the following:
1. Open the Management Reporter Configuration Console.
You will need to be logged in as a user that has the Administrator role in MR, when starting the console.
2.Stop both the Process Service and the Application Service.
3.Navigate to “C:\Program Files\Microsoft Dynamics ERP\Management Reporter\2.1\Server\Services\MRServiceHost.settings.config”
4.Edit the config file in Notepad and then add the following line.
This will change the functionality such that dimension filters on summary tree units will be ignored (pre-CU15 functionality):

This new line should be added before the

1.Save your changes and close Notepad.
2.In the Management Reporter Configuration Console, start the Process Service and the Application Service.
Once the services are restarted, re-generate your reports for the changes to be applied.

Hotfix 3815274 can be downloaded here:

https://mbs.microsoft.com/files/customer/MgmtReporter/Downloads/ProductReleases/ManagementReporter2012-CU16-Hotfix-3815274-en-us-update.exe